diff --git a/Lombiq.HelpfulLibraries.OrchardCore/Security/OrchardCoreBuilderExtensions.cs b/Lombiq.HelpfulLibraries.OrchardCore/Security/OrchardCoreBuilderExtensions.cs
index db332747..ed433b97 100644
--- a/Lombiq.HelpfulLibraries.OrchardCore/Security/OrchardCoreBuilderExtensions.cs
+++ b/Lombiq.HelpfulLibraries.OrchardCore/Security/OrchardCoreBuilderExtensions.cs
@@ -79,7 +79,8 @@ public static OrchardCoreBuilder ConfigureSecurityDefaults(
 app .UseContentSecurityPolicyHeader(allowInlineScript, allowInlineStyle)
- .UseNosniffContentTypeOptionsHeader();
+ .UseNosniffContentTypeOptionsHeader()
+ .UseStrictAndSecureCookies();
 }, order: 99); // Makes this service load fairly late. This should make the setup detection more accurate.
 return builder
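Review bot: The added `.UseStrictAndSecureCookies()` call is unconditional, unlike the CSP call just above it, which is steered by `allowInlineScript` and `allowInlineStyle`, so every caller of `ConfigureSecurityDefaults` picks up the cookie hardening with no opt-out. Judging by its name, it presumably forces `Secure` and `SameSite=Strict` on response cookies, which can drop cookies on plain-HTTP development sites and on cross-site returns such as external login callbacks. The method's XML doc should say so, e.g. `/// Also hardens response cookies via UseStrictAndSecureCookies; cross-site flows that rely on cookies may need an exemption.` Because the delegate is registered with `order: 99`, responses produced by middleware that runs earlier and short-circuits may not pass through it, so confirm the authentication cookie is still covered at this position. The method signature and the rest of the `Configure` delegate lie outside the hunk.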